bwJ0cO1WA=&st=2024-10-01T16_29_31Z&se=2024-10-03T16_29_31Z&sp=r.pdf

Full Transcript

Types of
Cybersecurity
threats
Learning Outcomes
1. Understand the types of Security
Threats that can affect an individual or
an organization.
2. Understand the types of Malware
What is a Cybersecurity threat?
Cybersecurity threats are malicious activities by an individual or organization to steal or
damage the data, gain access to a network system, and disrupt digital life.

Data needs to be protected at three
levels:
Personal level- There is a need to
protect one’s identity, data and
computing devices from cybercriminals

Organizational level- Need to
protect Organization’s data.

Government level- there is a need to
protect data where national security,
economic stability and wellbeing of
people are at risk
Personal Data
Personal data is any information that is used to
identify a person. Personal data can exist both offline
and online.

Examples of offline data are real-life personal
information like name, contact details, email address,
or identification number.

When you are connected to the internet, you are
online. Few examples of online data are username, the
social identity you establish and portray on online
communities and websites.
 Collection of personal data
Personal data are
collected when people
access digital copies
like bank account
statements through the
bank’s website or
mobile banking apps.
Social media is a huge
platform where
personal data can be
collected. It earns
income by selling
targeted advertising
based on customer
data that has been
mined using algorithms
or formulas.
A persona is a fictional
Identity Theft character created
based on research data
collection. Big data
Cybercriminals can also steal a person’s identity companies and
and ruin their life. This is called identity theft. An scientists collect social
identity thief can steal a person’s money or even media data and build
take loans in their name and ruin their credit rating. personas that
determine age, gender
or interest.
Activity 1.1.1, 1.1.2, 1.1.3 & 1.1.4
Personal Information a
hacker can have access to
(padlet.com)

Create a strong password

Let’s discuss 1.1.3
Big data are a large volume
of data. Big data companies
which collect data from
social media platforms
usually argue that they are
not ‘selling’ customer data
but ‘sharing’ customer data
with their marketing
partners. Do you agree
with this statement? Write
your opinion here.
 Types of Data
Transactional Intellectual Property data Financial data
buying and selling, production patents, trademarks and new income statements, balance
activities and basic product plans, which allow an sheets and cash flow
organizational operations such organization to gain an statements, which provide
as any information used to economic advantage over its insights into the health of a
make employment decisions. competitors. company
Computer Science
John McCumber Security model

The McCumber Cube was designed to
help organisations evaluate information
security initiatives by considering all
related factors that impact them.

This security model has three dimensions-
1. Desired goals
2. States of information
3. Counter-measures.
Types of Cybersecurity What is Malware?
threats
Malicious activities by an individual or Malware
organization to steal or damage the data.
Gain access to a network system Malware is software written to harm or
cause issues with a computer.
Disrupt digital life
The following are the threats available This can harm or steal data from a
today: computer.
Malware
Social engineering Cybercriminals use malware or malicious
software to carry out their activities.
Denial-of-service
Wi-Fi password cracking
Types of Malware
 1. SPYWARE
It secretly collects the activities on a computer system and then sends the collected data to another person
without the awareness of the computer system owner.

How does it happen? How do we protect our
accepting a prompt or pop-up without reading it
first.
computer?
Anti-spyware software is available to detect and
downloading software from an unreliable source. remove unwanted spyware programs
opening email attachments from unknown
senders.

How do hackers use it?
Monitoring online activities
Capturing all the personal data like passwords or
bank details
 2.VIRUS
It infects a computer when executed and then replicates itself to pass to another computer.

How does it happen?
Most viruses are spread by USB drives, optical
disks, network shares or email.

How do we protect our
computer?
Anti-virus software is available to detect and
remove viruses. Anti-virus software is a collection of
known viruses. Therefore, if a program is suspected
of being virus infected, the anti-virus software will
warn the user and store it separately until it is
confirmed that it is safe to use.
 3. TROJAN HORSE
This malware is named after the Trojans exploits user privileges and are
Greek myth of the Trojan horse. often found in image files, audio files or
games.
Let’s see a quick story about it!
How does it happen?
(69) Trojan Horse - YouTube.

Trojans carry out malicious operations
by hiding their purpose. Trojans
appears genuine, but it is very
dangerous.

How do we protect our computer?

Anti-virus software is available to
remove the trojans.
 4. WORMS
Worms can run by itself and spread
very quickly over the network.

How does it happen?
Worms can exploit the system
vulnerabilities and can move
themselves to cause damage to
computer systems or networks

How do we protect our computer?
Installing good anti-virus software can
protect computer systems or
networks from getting infected with
worms.
5. ADWARE 6. RANSOMWARE
It causes pop-up ads on the screen This hijacks the data on a computer system by
and is sometimes difficult to close encrypting it and then demands the owners to
pay money for the data to be decrypted.
It designed to deliver advertisements
to a user on a web browser
Ransomware is often spread through phishing
automatically.
emails that encourages a user to download a
malicious attachment.
7. BACKDOOR
Backdoor malware gains un-authorized access
to a system by bypassing the normal
authentication procedures.

8. SCAREWARE
Scareware is a type of malware that uses 'scare' tactics
to take a specific action. If the user gets scared and
accepts executing that specific program, the computer
system will become infected with Scareware malware.

9. ROOTKIT
A computer infected with rootkit malware is completed
wiped, and software programs are reinstalled.
Activity 1.1.6- Workbook
Identify the malware used in the following cyberattacks.

Malware designed to track online activity and capture data SPYWARE

Software that automatically delivers advertisements ADWARE
Malware that holds a computer system captive until payment
is made to the attacker RANSOMWARE
Malicious code attached to genuine programs and usually
spreads by USB drives, emails or network shares VIRUS
Malicious code that replicates itself independently by
exploiting vulnerabilities in networks WORMS
 Types of cybersecurity threats
Denial-of-Service DOS
Are a type of network attack that results in some sort of interruption
Computer Science

of network service to users, devices, or applications.

An overwhelming quantity of traffic is a type of DoS attack in a network
where an enormous amount of data is sent to the host at a rate it
cannot handle. This kind of attack causes a slowdown in transmission
or response or cause a device or service to crash.
 Types of cybersecurity threats
Denial-of-Service DOS
Computer Science

A Distributed DoS (DDoS) attack is similar to a DoS attack
but originates from multiple, coordinated sources.
For example, an attacker builds a network (botnet) of
infected hosts called zombies controlled by handler
systems. The zombie computers will constantly scan and
infect more hosts, creating more and more zombies.
When needed, the hacker will instruct the handler systems
to make the botnet of zombies carry out a DDoS attack.

A bot computer is typically infected by visiting an unsafe website or
opening an infected email attachment or media file. A botnet is a group
of bots in hundreds of thousands of bots connected through the internet.
Cyber attackers control a botnet through system commands.
 Types of cybersecurity threats
Denial-of-Service DOS
Computer Science

Also referred to as a man-in-the-middle (mitm) or man-in-the-mobile (mitmo) attack. This attack
intercepts or modifies communications between two devices, such as a web browser and a web server,
to collect information from the devices
A mitm attack happens when a cybercriminal takes control
of a device and captures users’ information without the
user’s knowledge.

A mitmo is a type of attack used to take control over a
user’s mobile device.

Attackers use popular search terms and use SEO to push malicious sites to higher up the ranks of
search results. This technique is called Search Engine Optimization (SEO) poisoning
Computer Science
 Types of cybersecurity threats
Wi-Fi password cracking
One of the most common methods of authenticating to a website is
by entering a username and password. As a result, revealing your
Computer Science

password is a simple way for cybercriminals to gain access to your
most sensitive information.

There are different kinds of password attacks, as follows:
Password spraying
Dictionary attacks
Brute-force attacks
Rainbow attacks
Traffic interception
 Types of cybersecurity threats
Wi-Fi password cracking
Password spraying access to a Traffic interception
system by ‘spraying’ a few By intercepting communications,
Computer Science

commonly used passwords other humans and machines can
across many accounts. easily read plain text or unsecured
passwords
Dictionary attacks
Access to a password-protected Rainbow attacks
account, by systematically Passwords are stored as numerical
trying every word in a data rather than plain text in a
dictionary or a list of commonly computer system. A rainbow table
used words as a password. is a large dictionary of passwords
and their numerical values.

Brute-force attacks
most basic and widely used method of gaining access to a password-protected site,
involve trying every possible combination of letters, numbers, and symbols in the
password space until they get it right
Computer Science
Computer Science
 Summary:
Computer Science

Identify examples of sensitive data
Types of malware
Types of attack.
How examples of sensitive data can be affected
by malware and other network attacks.